wfjsw/help-wanted.md

Last active September 23, 2024 15:47

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/wfjsw/7c8763dfd543b49b2a3ebf089acc83b0.js"></script>
Save wfjsw/7c8763dfd543b49b2a3ebf089acc83b0 to your computer and use it in GitHub Desktop.

Download ZIP

OPPOENCRYPT! ozip Specs

Raw

help-wanted.md

Help-Wanted

~~Find out the exact encryption algorithm used by aes_decrypt (hint: use IDA Pro against /sbin/recovery )~~ it is aes-ecb
Extract the 128-bit ECB Key (binary is here, aarch64 elf, 0x23f08)
Implement external decryptor

Raw

ozip.md

OPPOENCRYPT OZIP Specs

Schema

An ordinary OZIP file is constructed with following schema:

Overall

offset	size	type	description
0	4176	header	See Meta header
4177	rest	Data	encrypted zip

Meta header

offset	size	type	description
0	16	header	Always contain `4F 50 50 4F 45 4E 43 52 59 50 54 21 00 00 00 00 ; OPPOENCRYPT!....` (by vendor)
17	16	decompressed size	in bytes (append `00 ; .`)
33	48	hash	SHA1 of the decrypted data (40 bytes, append `00 ; .`)
81	variant	recovery instruction	Example: `ota-id=R9s_11.A.14_014_201611261040 (0A) ota_version=R9s_11.A.14_014_201611261040 (0A) patch_type=1 (0A) post-timestamp=1480130654 (0A) version_name=R9s_11_A.14_161126 (0A) wipe=0`

Data

(The following offset have meta-header stripped)

The Data section contains an ordinary encrypted zip file.

Encryption

From offset:00000000 , for every offset+:00004010 , the following 16 bytes is encrypted by AES-128-ECB (key unknown)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment